<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>Document</title>
</head>
<body>
<form action="" enctype="multipart/form-data" method="post">
    <!-- <input type="hidden" name="MAX_FILE_SIZE" value="2"> -->
    <input type="file" name='image'>
    <input type="submit" value='上传' name="sub">
    </form>
</body>
</html>
<?php 
// $image=['.png','.jpg','.gif'];
// // var_dump($_FILES);
// if(!empty($_POST)){
//    $name= $_FILES['image']['name']; 
//    $key=strrchr($name,'.');
//    if(in_array($key,$image)){
//        if($_FILES['image']['error']){
//         $path=uniqid('user').rand(100,500).$_FILES['image']['name'];
//         move_uploaded_file($_FILES['image']['tmp_name'],'./upload/'.$path);
//         echo "上传成功";
//        }else{
//         echo "上传不成功";
//        }
//    }else{
//        echo "文件格式失败";
//    }
// }
// 方法二
// $allow=array('image/jpeg','image/png','image/');
// if(!empty($_POST)){
//        $name= $_FILES['image']['name']; 
//        $key=strrchr($name,'.');
//        if(in_array($key,$image)){
//            if($_FILES['image']['error']){
//             $path=uniqid('user').rand(100,500).$_FILES['image']['name'];
//             move_uploaded_file($_FILES['image']['tmp_name'],'./upload/'.$path);
//             echo "上传成功";
//            }else{
//             echo "上传不成功";
//            }
//        }else{
//            echo "文件格式失败";
//        }
//     }
// 方法三：php_fileinfo扩展(可以防止文件伪装)
$allow=array('image/jpeg','image/png','image/');
//创建一个fileinfo资源
$info=finfo_open(FILEINFO_MIME_TYPE);
$min=finfo_file($info,$_FILES['image']['tmp_name']);
if(in_array($min,$allow)){
               if($_FILES['image']['error']==0){
                $path=uniqid('user').rand(100,500).$_FILES['image']['name'];
                
                echo "上传成功";
               }else{
                echo "上传不成功";
               }
           }else{
               echo "文件格式失败";
           }
?>